HTTPS site points to same directory as HTTP?

If I enable SSL on mydomain.com, how come the virtual hosts for http://mydomain.com and https://mydomain.com point to the same place?
How should I set it up so that users are prevented from accessing the 'secure content' insecurely?